I am trying to get the Tailscale Traefik 3 integration for automated cert generation working as described by the blog post “Exploring the Tailscale-Traefik Integration | Traefik Labs”; for some irritating reason this forum will not let me include the stupid link to that blog.
I have a FastAPI Python app that runs fine on localhost : 8000 as well as the Tailscale machinename : 8000, as well as Tailscale machinename + ts net : 8000, but when trying https + machinename + dnsname ts net I get bad gateway, and https + machinename produces a 404 page not found. (Sorry for the odd URL representation, this forum prevents including URLs for some incredibly stupid reason.)
The host Tailscale is installed on is a Win11 system with Docker Desktop, with both the FastAPI app container and the WSL2 host being Ubuntu. Tailscale is not installed in the FastAPI container, but my Docker Desktop has the Tailscale extension, providing URLs directly to the Traefik and FastAPI containers.
I ran “tailscale cert machinename + dnsname.ts.net” and have the following docker compose file:
```yaml
version: "3.3"

networks:
  web:
    external: true
  internal:
    external: false

services:
  traefik:
    image: "traefik:v3.0"
    container_name: "traefik"
    command:
      - "--log.level=DEBUG"
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--providers.docker.network=internal"
      - "--entrypoints.websecure.address=:443"
      - "--entrypoints.web.address=:80"
      - "--certificatesresolvers.myresolver.tailscale=true"
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /var/run/tailscale/tailscaled.sock:/var/run/tailscale/tailscaled.sock
    networks:
      - web
      - internal

  web:
    build: ./src
    container_name: "web"
    command: |
      bash -c 'while !</dev/tcp/db/5432; do sleep 1; done; uvicorn app.main:app --reload --workers 4 --host 0.0.0.0 --port 8000'
    labels:
      - traefik.enable=true
      - traefik.http.routers.web.rule=Host(`*******.*******.ts.net`)
      - traefik.http.routers.web.tls.certresolver=myresolver
      - traefik.http.routers.web.entrypoints=websecure
    volumes:
      - ./src/:/home/app/web
    ports:
      # hostPort:containerPort
      - 8000:8000
    environment:
      - DATABASE_URL=postgresql://*****:*****@db/*****
    networks:
      - web
      - internal

  db:
    image: postgres:13-alpine
    container_name: "postgres"
    volumes:
      - postgres_data:/var/lib/postgresql/data/
    expose:
      - 5432
    environment:
      - POSTGRES_USER=*****
      - POSTGRES_PASSWORD=*****
      - POSTGRES_DB=*****
    networks:
      - internal

volumes:
  postgres_data:
```
Anyone have any suggestions? Anything odd with the docker compose? I’ve been spinning my wheels and need some help.